<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <title>BendTech Directory</title>

    <?php include_once 'PP.php'; ?>
    <?php include_once 'microakismet.php'; ?>
    <?php include_once 'PPEntry.php'; ?>
  </head>

  <body id="pp_submit">
    <?php include_once('bendtech-header.php') ?>
    <?php
      // Get/create the entry
      $id = (int)$_POST['id']; // Prevent sql injections
      $entry = ($id > 0) ? PPEntry::get_entry($id) : new PPEntry(NULL);
      $doDelete = (bool)$_POST['doDelete'];
      $isNew = $entry->isNew();
      $entryNav = false;
      $entry->auth($_POST['auth']);

      if ($entry->isEditable()) {
        if ($doDelete) {
          $entry->delete();
          ?>
            <p>The entry has been deleted</p>
            <?php
        } else {
          $spam = false;

          // Perform spam check with Akismet?
          if ($GLOBALS['akismet_key']) {
            $vars = array();
            // Uncomment to mix in $_SERVER properties, which may or may not improve spam detection(???)
            // $vars = array_merge($vars, $_SERVER);
            $vars['user_ip']                = $_SERVER['REMOTE_ADDR'];
            $vars['user_agent']             = $_SERVER['HTTP_USER_AGENT'];

            // The body of the message to check, the name of the person who
            // posted it, and their email address
            $vars['comment_content']        = $_POST['description'];
            $vars['comment_author']         = $_POST['name'] . ' ' . $_POST[company];
            $vars['comment_author_email']   = $_POST['email'];

            // ... Add more fields if you want

            // Check if it's spam
            $spam = akismet_check($vars);
          }

          if (!$spam) {
            // Merge post'ed values into the entry
            $entry->merge($_POST);

            // Update password (in case it changed)
            if ($_POST['password'] || (bool)$_POST['clear_password']) {
              $entry->setPassword($_POST['password']);
            }
            $status = 'deleted';

            // Save entry
            $entry->save();

            // Save uploaded file (skip any files that are too big!)
            if ($_FILES['image']['size'] > 0 && $_FILES['image']['size'] < 1000000) {
              $entry->setImage($_FILES['image']['tmp_name']);
            }

            if ($isNew) {
              $entryNav=true;
              ?>
                <p>The entry has been created</p>
                <?php
            } else {
              $entryNav=true;
              ?>
                <p>The entry has been updated</p>
                <?php
            }
          } else { // Akismet thinks this is spam so we output a generic message
            header('Status: 400 Bad Request');
            ?>
              <p>Sorry, please ask moderator for help</p>
              <?php
          }
        }
      } else {
        ?>
          <p>Error: Not authorized</p>
          <ul class="pp_nav">
          <li><a href="<?= PP::getUrl('index') ?>">Back to Index</a></li>
          </ul>
          <?php
      }
    ?>
    <ul class="pp_nav">
      <li><a href="<?= PP::getUrl('index') ?>">Back to Index</a></li>
      <?php if ($entryNav) { ?>
        <li><a href="<?= $entry->getUrl('view') ?>">View this entry</a></li>
        <li><a href="<?= $entry->getUrl('edit') ?>">Edit this entry</a>
      <?php } ?>
    </ul>
    <?php include_once('bendtech-footer.php') ?>
  </body>
</html>
<?php PP::disconnect(); ?>
